[TYPO3] Display Image From MySQL Database
Dmitry Dulepov [typo3]
dmitry at typo3.org
Sat Sep 13 15:22:35 CEST 2008
Hi!
Lee M. Childress wrote:
> I'm going bonkers. I am using an image tag <img
> src="render_image.php?db=0&id=317" alt="" /> to display an image
> contained in a mysql database. I am using the following script to
> display the image:
>
> /** * RENDER IMAGE * ============ */ if ($_GET['id'] &&
> $_GET['db']) { if (strtolower($_GET['db']) == '0') { $_db =
> 'events'; $new_width = 200; } if
> (strtolower($_GET['db']) == '1') { $_db = 'recipes';
> $new_width = 200; } $sql = new MySQL;
> $sql->mysql_query = 'SELECT image FROM ' . $_db . ' WHERE id = ' .
> $_GET['id'] . ' LIMIT 1'; $sql->connect(); $_row =
Your code is very insecure. Hackers will have a lotf ways to break into your system.
> I keep getting a broken image. Any ideas?
No. Not TYPO3-related for sure...
--
Dmitry Dulepov
TYPO3 Core team
My TYPO3 book: http://www.packtpub.com/typo3-extension-development/book
In the blog: http://typo3bloke.net/pages/book-reviews/presentation-zen-by-garr-reynolds/
More information about the TYPO3-english
mailing list